526互联

OpenSSH7.4版本升级到7.8版本

发布时间 2023-12-25 20:17:44作者: 技术颜良

OpenSSH7.4版本升级到7.8版本

置顶
xiaohuai吖

已于 2023-05-10 17:26:24 修改

阅读量1.5k
收藏 3

点赞数
文章标签: linux ssh
版权
项目被扫出openssh有严重漏洞,因此要升级openssh到7.8以上版本

[root@localhost ~]# ssh -V
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
1
2
1,为了防止操作失败,线安装Telnet
yum -y install telnet*
1
systemctl enable telnet.socket
systemctl start telnet.socket
1
2
2,备份原来的SSH服务
mv /etc/ssh /etc/ssh.bak
mv /usr/bin/ssh /usr/bin/ssh.bak
mv /usr/sbin/sshd /usr/sbin/sshd.bak

3,安装新版本OpenSSH
yum install -y openssl openssl-devel gcc gcc-c++ make zlib-devel
1
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.8p1.tar.gz

tar zxf openssh-7.8p1.tar.gz
1
cd openssh-7.8p1
1
./configure --prefix=/usr/local/openssh --with-zlib=/usr/local/zlib --with-ssl-dir=/usr/local/ssl
1
make && make install
1
4,卸载原有的openssh
yum remove openssh

5,修改配置文件
vim /usr/local/openssh/etc/sshd_config
PermitRootLogin yes

6,复制相应的系统目录
cp /root/openssh-7.8p1/contrib/redhat/sshd.init /etc/init.d/sshd
cp /root/openssh-7.8p1/contrib/redhat/sshd.pam /etc/pam.d/sshd.pam

chkconfig --add sshd

mkdir -p /etc/ssh
cp /usr/local/openssh/etc/sshd_config /etc/ssh/sshd_config

cp /usr/local/openssh/sbin/sshd /usr/sbin/sshd

cp /usr/local/openssh/bin/ssh /usr/bin/ssh

cp /usr/local/openssh/bin/ssh-keygen /usr/bin/ssh-keygen

cp /usr/local/openssh/etc/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub

7,启动,并做开机自启

sshd -t  查看配置是否正确

 

ssh -v root@127.0.0.1  查看配置文件详细信息

 


systemctl daemon-reload

systemctl start sshd

systemctl enable sshd

8,重新生成密钥
ssh-keygen -t rsa

9,验证版本
ssh -V
OpenSSH_7.8p1, OpenSSL 1.0.2k-fips 26 Jan 2017

10,验证ssh功能
[root@ node02 ~]# ssh root@10.0.0.12
The authenticity of host '10.0.0.12 (10.0.0.12)' can't be established.
ECDSA key fingerprint is SHA256:GtOAWcA5Vv/SoACtK5MaASWGADlfCIYlL74oVV8WSp0.
ECDSA key fingerprint is MD5:06:cb:50:fa:17:b7:5a:78:05:e5:d1:89:22:6e:5a:e4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.12' (ECDSA) to the list of known hosts.
root@10.0.0.12's password:
Last login: Thu Oct 27 13:50:55 2022 from 10.0.0.1
[root@ node01 ~]#
————————————————
版权声明:本文为CSDN博主「xiaohuai吖」的原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/xiaohuai0444167/article/details/127550959